Relating to Consumption of Content

ABSTRACT

A method and apparatus for consumption of content (1) is described in which a licensor is able to exercise control over consumption based on a personal identity in the form of a set of binding attributes (15). The control may be exercised for a number of consuming terminals (19) including rendering machines such as portable video and audio players.

CROSS REFERENCE TO RELATED APPLICATION

This application claims the benefit of the filing date of Provisional Application Ser. No. 60/314,095, filed on Aug. 23, 2001, entitled “Improvements in and Relating to Consumption of Content”, which is incorporated herein by reference in its entirety.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the consumption of content, particularly although not exclusively the distribution, rendering and decryption of content having digital rights such as copyright therein.

2. Description of the Prior Art

Typically, content such as video, audio or textual data is consumed by a user via a terminal such as a rendering machine. A rendering machine transforms the data defining the content into a form which may be interpreted by a user's senses. Thus, content in the form of video may be rendered on a visual display unit or monitor, audio content may be rendered by a stereo system and a printer used to render textual content, to name but a few examples. In many cases, such as the distribution of content recorded on magnetic media, optical disk or the like, a number of steps will take place in rendering the data to a form suitable for interpretation by a user's senses.

With the advent of digital content distribution, the opportunity has arisen for faultless replication of content to be carried out. Clearly, without appropriate controls, such replication or copying can take place without the agreement of the relevant rights holder/owner of the content. A particular challenge to the content generating community, which includes record companies, publishers and other rights holders, is the ease with which digital content may be disseminated, particularly over networks. This ease of dissemination is also coupled with the fact that there is little or no degradation in the quality of the content despite repeated copying and forwarding of the content in its original format. Thus, unauthorized copies of copyrighted content will meet the same high expectations of consumers as the authorized content.

Consequently, many approaches have been implemented and are being developed to protect such content for rendering on a particular rendering machine. A particularly favored approach (FIG. 3) is to provide each rendering machine 2 with a globally unique tamperproof identity 4 and to incorporate a Digital Rights Management (DRM) engine 6 into the device 2. Subsequently, content stored in encrypted form on the device 2 may be unlocked only where license conditions, including a requirement to confirm that the globally unique identity 4 of the device 2 matches a set of binding attributes in the license, are met.

SUMMARY OF THE INVENTION

According to one aspect of the present invention, there is provided a method of decrypting content stored on a terminal, the method comprising obtaining a license comprising a content decryption key and a set of binding attributes, the attributes including a public key; establishing a communication link between the terminal and one other terminal; receiving digitally signed data on the communication link at the terminal from the one other terminal; verifying at the terminal the digitally signed data utilizing the said public key; and the terminal, in response to verification of the digitally signed data, using the content decryption key to decrypt the content.

By binding content to a consumer identity, preferably in the form of an asymmetric key-pair, with a private key held in a Personal Trusted Device (PTD) of the user, the content is no longer bound to a particular terminal such as a rendering machine. As a result, the consumer is able to enjoy content in any suitable rendering machine wherever the consumer is able to prove the consumer's identity through the presence of the consumer's personal trusted device or, more particularly, through the presence of the consumer's private key on a secure tamperproof security element accessible to a protected processing environment (PPE) of the consumer's personal trusted device. Such a PPE provides functions including the ability to digitally sign data, e.g. text, for the purposes of authentication. The choice of whether to use symmetric or asymmetric encryption techniques to protect the content, and any associated business rules or other conditions relating to the content, is dependent not only on the preferences of the rights holder, but also on technical considerations relating to security, ease and/or speed of encryption/decryption, key distribution and the like. Indeed, a hybrid approach may be taken in which both asymmetric and symmetric encryption schemes are adopted to encrypt content, business rules and other conditions relevant thereto.

According to a further aspect of the present invention, there is provided a terminal for rendering encrypted content, comprising a storage for the encrypted content and a license containing a content decryption key and a set of binding attributes, the attributes including a public key; a protected processing environment; a personal area network interface which establishes a communication link between the terminal and at least one other terminal and which delivers digitally signed data received from the other terminal to the protected processing environment; and wherein, upon successful verification of the digitally signed data using the public key, the protected processing environment decrypts the encrypted content using the content decryption key.

Conveniently, the protected processing environment includes a digital rights management engine operable in accordance with the set of binding attributes.

According to a still further aspect of the present invention, there is provided a license creation method for facilitating the decryption of content on a terminal, the method comprising appending a set of binding attributes to a content decryption key wherein the binding attributes include a public key certificate obtained from a repository holding a public key certificate of a licensee with a corresponding private key being held on another terminal.

The license creation method is most conveniently under the control of the content provider or a party authorized thereby. Thus, the content provider should be able to verify the identity of those customers to whom the content provider provides access to encrypted content in the form of a license. Such verification of identity may be carried out by authenticating those certificates obtained from the repository with the relevant certification authority.

The public key certificate may be stored at the terminal or, alternatively, access to the public key certificate may be obtained by the terminal by storing a URL at the terminal, which is an alias to a network address at which the public key certificate may be retrieved by the terminal for rendering the content. The use of the URL decreases the storage requirements for data at the terminal significantly. Consequently, the URL at which the public key certificate may be retrieved may be stored in the terminal so that the terminal merely fetches the public key certificate when necessary.

The content provider is able to assess a level of trust in each customer based on the results of verification of the digital signature and the nature of the certification authority. This level of trust may be utilized by the content provider in determining what rights, if any, should be given in the license. Such rights may conveniently be stored in a voucher attached to the license or, alternatively, to the content.

Whether a voucher is attached to or otherwise delivered with the content or license, the DRM engine of a terminal is able to parse the voucher and act in accordance with any restrictions set by the content provider or owner in terms of the granted rights. The content or license is locked unless the right voucher is available.

The license may include a plurality of binding attributes which may allow content to be rendered by corresponding user identities. In which case, the content provider may establish different conditions for the rendering of the content, as parsed from a corresponding voucher by a DRM engine of a terminal. Different user or device specific conditions, e.g. preferences or profiles, may be established.

Although the license may only be delivered to a user on payment of a fee, for example, advantageously it may only be utilized to access content provided the relevant binding attributes can be satisfied, namely through the above described mechanism. Consequently, the license is freely transferable over a network or indeed on any insecure channel.

The invention further is a method of distributing encrypted content to a terminal comprising delivering encrypted content and a license relating thereto to a terminal, the license containing binding attributes corresponding to a user identity, and requesting authentication of the attributes by a personal trusted device.

It will be apparent that the personal trusted device may be utilized to authenticate the attributes of a license regardless of the particular platform on which the content is to be rendered, provided the requisite communication can be established. The rendering device and trusted device can be different, which allows a free roaming voucher to be utilized.

A terminal which renders encrypted content in accordance with the invention includes a storage for the encrypted content and a license, the license containing a content decryption key and a set of binding attributes, the attributes including a public key; a protected processing environment; a communication link between the terminal and at least one other terminal which delivers digitally signed data from the other terminal to the terminal; a digital rights management engine disposed in a non-secure part of the terminal; and a digital rights management agent disposed within the protected processing environment which verifies if the digitally signed data is signed by a licensee of the encrypted content and, upon verification, uses the content decryption key to decrypt the encrypted content. The storage may be unprotected; and the digital rights management engine may decrypt the set of binding attributes to determine if the encrypted content is licensed to be decrypted and, if the encrypted content is authorized to be decrypted, signals the digital rights management agent to render the content. The personal area network interface may issue a request to the other terminal to provide the digitally signed data. An encrypted part of the license may include a user identity certificate issued and digitally signed by a certification authority, which permits a licensor of the content to establish a level of trust in a licensee of the content. An encrypted part of the license may include a URL which is an address at which a user identity certificate issued and digitally signed by a certification authority may be obtained, which permits a licensor of the content to establish a level of trust in a licensee of the content.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to understand the present invention more fully, particular embodiments thereof are now described by way of example and with reference to the accompanying drawings, in which:

FIG. 1 is a diagrammatic representation of encrypted content and associated attributes or business rules helpful for use in understanding the present invention;

FIG. 2 is a diagrammatic representation of an encrypted license in accordance with one aspect of the present invention;

FIG. 3 is a schematic view of a prior art content rendering system;

FIG. 4 is a schematic view of a content rendering system according to a further aspect of the present invention;

FIG. 5 is a diagrammatic view of a personal trusted device of FIG. 4;

FIG. 6 is a diagrammatic view of a rendering machine of the system of FIG. 4;

FIG. 7 is a schematic view of the system of FIG. 4;

FIGS. 8 a to 8 d are examples of screen displays of the rendering machine of FIG. 6;

FIG. 9 is a flow chart illustrating a method according to a still further aspect of the present invention;

FIG. 10 is a diagram of an embodiment of a rendering machine having high security against obtaining the encrypted content stored therein without appropriate authority, which does not require substantial data storage capability;

FIG. 11 illustrates one form of a voucher stored in the unprotected storage of FIG. 10; and

FIG. 12 illustrates one form of the content stored in the unprotected storage of FIG. 10.

Like reference numerals identify like parts throughout the drawings.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS OF THE INVENTION

Referring to FIG. 1, content 1 for delivery to a terminal, hereinafter referred to as a rendering machine, is, in this case, packaged together with a voucher 3 defining a set of conditions (e.g. business rules) applying to the rendering of that content 1. By way of example, the conditions may describe the technical requirements for rendering the content 1 and/or additional data such as copyright and distribution rights information. The entire package of content and metadata (data about data) is protected against unauthorized access by a symmetric encryption key 5. Typically, the strength of the symmetric encryption technology is at least 128 bits and a suitable symmetric encryption algorithm may be, without limitation, that set out in the Advanced Encryption Standard (AES) draft proposal for a Federal Information Processing Standard (FIPS) dated Feb. 28, 2001, which is incorporated herein by reference in its entirety.

As illustrated in FIG. 2, in addition to packaging the content 1 securely, the content owner or a party authorized thereby generates a license 7 pertaining to that content. In particular, the license 7 comprises encrypted 9 and unencrypted 11 portions. The unencrypted portion 11, which identifies the licensee, incorporates additional data identifying the content 1 to which it relates. Because this metadata is unencrypted, the metadata is visible to external services required to manipulate the license and the corresponding content, such as those services provided by a DRM engine as described below in FIGS. 6, 7 and 10-12 and exemplified by certain security aspects of the Wireless Application Protocol Identity Module specification (WIM) published by the Wireless Application Forum, Limited and dated Feb. 18, 2000, which is incorporated herein by reference in its entirety. The encrypted portion 9 of the license 7 contains a symmetric content key 13 and a set of binding attributes 15. The key 13 enables access to the corresponding content 1 while the binding attributes 15 relate to user identification data which will be elaborated upon below. Similarly, the encrypted portion 9 of the license 7 is manipulated by those external services required to manipulate the license and the corresponding content 1, such as those services provided by the DRM engine and exemplified by certain further security aspects of the aforementioned Wireless Application Protocol Identity Module specification. The encryption key pair, including public key 17, used to protect the above-described encrypted portion 9 of the license 7 preferably utilizes asymmetric encryption techniques.

With reference to FIG. 7, the public key 17 and the corresponding private key 91 are used to open the encrypted portion 9 at step (A) to access the symmetric content key 13 required at step (C) to unlock the encryption 5 of the content 1. The key pair comprising the public key 17 and private key 91 protecting the encrypted license portion is generated by or on behalf of a content provider and remains under the content provider's control. In particular, the content provider is able to control to whom the license 7 is delivered. Typically, delivery of the license 7 will be contingent on payment of an appropriate fee or the like.

With reference to FIG. 4, there is shown a plurality of content rendering machines 19 a, 19 b, 19 c and a number of Personal Trusted Devices (PTD) 21 a, 21 b, 21 c. The plurality of content rendering machines 19 a, 19 b, 19 c includes both portable and fixed equipment. In addition, the rendering machines 19 a, 19 b, 19 c need not be of the same ownership as any or all of the PTDs 21 a, 21 b and 21 c.

Each PTD 21 a, 21 b and 21 c has a networking capability used to communicate with a rendering machine. Typically, such a capability is provided by a Personal Area Network (PAN) through the provision of one or more technologies from the following non-exhaustive list, namely wireless connectivity such as Infra Red or Low Power Radio Frequency (LPRF) such as e.g. Bluetooth, and wired connectivity such as parallel port, serial port, USB, IEEE 1394 and the like. The extent of each PAN is shown by respective chain lines 23 a, 23 b, 23 c. The PANs may overlap as shown. The PAN capability is interfaced with the known functionality of a mobile terminal as is well known to those skilled in the art.

Referring to FIG. 5, each of the PTDs 21 a, 21 b and 21 c includes a display 29, a data entry device such as a keypad 31, a transceiver 33, an antenna 35, a general memory 37, a controller 39 and the aforementioned connectivity provided by a wireless interface 25 and wired interface 27. In addition, the PTD 21 is provided with audio/video outputs 41 as well as a headphone jack 43, a speaker 45 and a microphone 47. The general memory 37 includes Read Only and Random Access portions (ROM and RAM) 49 and 51 respectively and provides storage for the code necessary to implement the PTD 21 functions and storage for data which has been generated, received or otherwise utilized by the PTD 21, except to the extent that the function is carried out by or relates to a Protected Processing Environment (PPE) 53. The operation of the mobile telephone functions of the PTD in relation to a wireless network is, of course, well understood by those skilled in the art and is therefore not described herein.

The PPE 53 of the PTD 21 implements the functions required to provide authentication through a set of services including providing digital signatures, as exemplified by the aforementioned Wireless Application Protocol Identity Module specification (WIM). In addition to the connection to the controller 39, the PPE 53 is connected to a Security Element Interface 55 providing a secure access channel to a tamper resistant storage module, hereinafter referred to as a Security Element (SE) 57. The SE 57 holds private keys, certificates and other personal data belonging to a user. The SE 57 inhibits access to the data stored therein by a combination of well-known physical and software barriers. The SE (vault) 57 facilitates the storage of a private key forming part of an asymmetric key pair owned by the SE 57 owner which, in the event the SE 57 is not a permanent component of the terminal 21, will most probably, but not necessarily, correspond to the owner of the terminal 21 in which the SE 57 is installed.

Referring to FIG. 7, the corresponding public key 93 is made available to third parties as a constituent of a user identity certificate 61 issued and digitally signed by a certification authority (CA). For convenience of access, the certificate 61 is stored on a repository (not shown) to which a content provider, amongst others, has reading privileges.

The rendering machines 19 a, 19 b and 19 c of FIG. 4 each have a general architecture shown in FIG. 6 and may have the more specific DRM architecture explained below with reference to FIGS. 10-12. As illustrated in phantom in FIG. 7, the user identity certificate 61 in the terminal may alternatively be replaced by storage of a URL 63′ which is the address in a network at which the identical user identity certificate 61′ may be fetched when the user identity certificate 61 is not present in the terminal. The network location 65′ at which the user identity certificate 61′ may be fetched may be any location in any network from which data is available.

Each rendering machine 19 therefore comprises hardware including a controller 73 and a PAN interface utilizing at least one connectivity option including wireless connectivity 63 such as IR and LPRF and wired connectivity 65 such as serial, parallel, USB, IEEE 1394 and the like. In addition to the functions set forth below, the PAN interfaces permit the delivery of encrypted content and/or licenses to the rendering machine 19. For example, as illustrated in FIG. 4, a USB cable 71 may be attached between a portable rendering machine 19 a and a PC 67 having a connection to the Internet 69 or an internal CD drive. Encrypted content, such as music, may then be delivered over the cable 71 and stored in the rendering machine 19 a for later enjoyment, provided the necessary license conditions are met for rendering the content.

If the rendering machine 19 relies on additional external components to deliver rendered content to a user, then a suitable output 75, illustrated in FIG. 6, is provided for delivering rendered content to an output device 77, such as a monitor, audio amplifier, or the like. Alternatively, the rendered content is output through a display 79 and loudspeaker 81′. In addition to the connectivity 63 and 65, the device 19 further includes a storage in the form of memory 81 provided to accommodate the large volume of data necessary to store encrypted content in the form of video and audio data files, for example. The rendering machine 19 further incorporates a Digital Rights Management (DRM) engine 83 which is connected to a Security Element (SE) 85 via a security element interface 87. An embodiment of a DRM, including a DRM engine and a DRM agent in a PPE which is highly resistant to tampering, is described below in conjunction with FIGS. 10-12. Referring to FIG. 7, the SE 85 stores at least one license private key 91 necessary to decrypt the license 7, a portion of which is encrypted using the corresponding public key 17 of the license public-private key pair. As will be described further below, the DRM engine 83 administers the usage of content based on the aforementioned licenses distributed by the content provider. Such functionality includes the ability, expanded upon below, by which an identity of a user is verified.

Referring again to FIG. 7, the SE 85 of the rendering machine 19 has the private license key 91 of a content provider already installed thereon, which may be used subsequently at step (A) to decrypt licenses 7 delivered to the rendering machine 19 that are encrypted with the corresponding public key 17 of the content provider. In due course, a user of the rendering machine 19 may choose to have the encrypted content 1 delivered to the device 19, at which the encrypted content is stored in memory 81. In order to decrypt the content 1 and subsequently render it to the user-licensee, an appropriate license 7 must be obtained from the content provider. Such a license 7 is delivered with the content 1 or obtained separately over a different channel and/or at a different time.

The license 7 contains a set of binding attributes 15. The attributes 15 are required to ensure that only a user (licensee) party authorized by the content provider extracts the symmetric key 13 required to decrypt the encrypted content 1 from the license.

Typically, delivery of the licenses 7 by the licensor takes place after consideration of some form has been provided by the licensee. Such consideration could be monetary or it could relate to a commitment to maintain confidentiality in respect of the content. The particular nature of the consideration, if any, will depend on the particular circumstances and methods of implementation, which vary widely.

The binding attributes 15 are provided in the form of a Public Key Infrastructure (PKI) user certificate 61 which is representative of the licensee identity. The certificate 61 contains a public key 93 of the licensee which is preferably digitally signed by a Certification Authority (CA). In an initial step of the licensing process, the licensor may assess the extent of trust of the certificate of a potential licensee and this may include a determination of the level of trust in the CA and, of course, whether the certificate has been appropriately signed.

With additional reference to FIGS. 8 a to 8 d, the user of the rendering machine 19 first selects the encrypted content which the user desires to have rendered. Thus, via a user interface (UI), a list of encrypted content is displayed on the display (FIG. 8 a). The user selects an encrypted content item from the list and the UI passes an instruction to the controller 73 which in turn is passed to the DRM engine 83. The DRM engine 83 of the rendering machine 19 first searches for a license 7 corresponding to the content for which a request to render has been received by the UI.

Thus, the DRM engine 83 attempts to match the identity of the encrypted content 1 with the licensee identity data in the exposed portion 11 of any license stored on the device 19. In the event no license can be found, the DRM engine 83 communicates this to the controller 73, which causes the UI to display an error message on the display (FIG. 8 b). Otherwise, the DRM engine 83 utilizes the license private key 91 at step (A) to unlock the encryption surrounding the content key 13 and binding attributes 15. However, before the content key 13 is extracted during decryption at step (C), the DRM engine 83 first accesses the binding attributes 15, namely the user certificate 61. The user certificate 61 contains a public key 93 of a user to whom a license has been given to render the content 1. The DRM engine 83 instructs the controller 73 to commence by polling the local PTDs 21 forming a PAN 23 in which the rendering machine 19 is a member. The polling step (B) further contains the instruction to the PTDs 21 within the PAN to digitally sign a randomly generated text with a private key 59 stored in the PTD's SE 57 and to return it at step (B′). The randomly generated text and corresponding signature is the response to the poll from the rendering machine 19.

FIG. 9 illustrates the above process in more detail. A hashing algorithm 97 generates a one-way hash 99 of a particular part of the randomly generated RAND data 101 and then encrypts the one-way hash 99 at step 103 utilizing the user private key 59 stored in the SE 57 to form a digital signature 105. The signature 105 and corresponding randomly generated text 101 are received from each device within the PAN 23 by the DRM engine of the rendering machine 19. Thus, the DRM engine 83 takes the randomly generated RAND data 101 returned from each device 21 and processes the randomly generated RAND data with the same hashing algorithm 97 to form a one-way hash 99. This hash 99 is compared at 109 with the result of the decryption 107 of the corresponding signature 105 carried out utilizing the public key 93 stored in the certificate 61 forming the binding attributes 15, namely a further one-way hash 111. In the event that the hashes 99 and 111 are not identical, then this is an indication that the public key of the certificate is not the pair of the user private key on that PTD 21. Thus, the DRM engine 83 does not permit the extraction of the symmetric key 13 necessary to decrypt the encrypted content 1. Subsequently, if no other PTD 21 has responded to the polling step (B), then the DRM engine 83 instructs the controller 73 to indicate via the UI that the content cannot be accessed. Thus, a message to this effect is delivered on the display via the UI (FIG. 8 c). However, where further devices 21 have responded to the polling step (B), the process of creating a one-way hash 99 of the received random data 101 and comparing it with the one-way hash 111 derived by decrypting 107 the digital signature 105 using the certificate public key 93 is repeated.

In the event that the decrypted one-way hash 111 corresponds to the one-way hash 99 formed from the random data 101, then the DRM engine 83 is assured that the PTD 21 is established as being in the possession of the user identity licensed to render the content 1. Consequently, the DRM engine 83 permits the content key 13 to be extracted and used to decrypt the content 1. This includes decrypting the business rules 3 associated with the content 1, which may further determine what actions may be carried out in relation to the content 1 by the user. The successful decryption and any associated rules relating to use of the content are delivered to the display of the rendering machine (FIG. 8 d).
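The license of FIGS. 2 and 7 and the binding check of FIG. 9, as an added Go example that is not part of the patent: the rendering machine polls every PTD in the PAN with fresh RAND data, each PTD signs the hash of that data with its private key 59, and the content key 13 is released only when a response verifies under a public key 93 from the binding attributes 15. It assumes ECDSA P-256 over SHA-256 (the patent fixes no algorithm), keeps only the public key from certificate 61 (CA checks are taken as done at license issue), and has the rendering machine generate the RAND data itself so a recorded response cannot be replayed, a point the patent leaves open; the names PTD, License and ReleaseContentKey are the example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// License models the opened encrypted portion 9 of FIG. 2: content key 13
// plus binding attributes 15. The patent carries public key 93 inside a
// CA-signed certificate 61; certificate parsing and CA trust checks are
// assumed to have been done at issue time, so only the keys are kept.
type License struct {
	ContentID   string
	contentKey  []byte             // content key 13, released only by ReleaseContentKey
	BindingKeys []*ecdsa.PublicKey // public keys 93 of the licensed identities
}

// PTD models a personal trusted device whose SE 57 holds private key 59.
type PTD struct{ priv *ecdsa.PrivateKey }

// NewPTD generates a fresh identity key pair (P-256 is an assumption).
func NewPTD() (*PTD, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &PTD{priv: k}, nil
}

// PublicKey is the key a CA would place in user certificate 61.
func (p *PTD) PublicKey() *ecdsa.PublicKey { return &p.priv.PublicKey }

// Respond is step (B'): hash the RAND data (97 -> 99), sign the hash with
// private key 59 (103) and return signature 105.
func (p *PTD) Respond(rnd []byte) ([]byte, error) {
	h := sha256.Sum256(rnd)
	return ecdsa.SignASN1(rand.Reader, p.priv, h[:])
}

// IssueLicense is the licensor's step: append the binding attributes
// (here the licensee public keys) to the content key.
func IssueLicense(contentID string, contentKey []byte, pubs ...*ecdsa.PublicKey) *License {
	return &License{ContentID: contentID, contentKey: contentKey, BindingKeys: pubs}
}

// NewContentKey returns a random 128-bit symmetric content key.
func NewContentKey() ([]byte, error) {
	k := make([]byte, 16)
	_, err := rand.Read(k)
	return k, err
}

// VerifyBinding is comparison 109: recompute hash 99 of the RAND data and
// check signature 105 under certificate public key 93. ECDSA verification
// stands in for the "decrypt the signature to obtain hash 111" wording.
func VerifyBinding(pub *ecdsa.PublicKey, rnd, sig []byte) bool {
	h := sha256.Sum256(rnd)
	return ecdsa.VerifyASN1(pub, h[:], sig)
}

// ReleaseContentKey is polling step (B)/(B') and the gate before step (C):
// every PTD in the PAN receives the same fresh RAND data, and the content
// key is released only if some response verifies under some binding key.
// No matching PTD yields the FIG. 8 c "cannot be accessed" outcome.
func ReleaseContentKey(lic *License, pan []*PTD) ([]byte, error) {
	rnd := make([]byte, 32)
	if _, err := rand.Read(rnd); err != nil {
		return nil, err
	}
	for _, ptd := range pan {
		sig, err := ptd.Respond(rnd)
		if err != nil {
			continue // a PTD that cannot sign simply does not count
		}
		for _, pub := range lic.BindingKeys {
			if VerifyBinding(pub, rnd, sig) {
				return lic.contentKey, nil
			}
		}
	}
	return nil, errors.New("content cannot be accessed: no PTD in the PAN proved a licensed identity")
}

func main() {
	owner, _ := NewPTD()
	stranger, _ := NewPTD()
	key, _ := NewContentKey()
	lic := IssueLicense("track-001", key, owner.PublicKey()) // constructed sample license
	_, err := ReleaseContentKey(lic, []*PTD{stranger})
	fmt.Println("only a stranger's PTD in the PAN:", err)
	k, err := ReleaseContentKey(lic, []*PTD{stranger, owner})
	fmt.Printf("owner's PTD in the PAN: key released=%t err=%v\n", len(k) == 16, err)
}
```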

FIGS. 10-12 illustrate an embodiment of the DRM engine which is split into two parts and which is designed to minimize data storage. The DRM engine 100 is unsecured and the DRM agent 102 is secure as a result of being located in a PPE 104. CODEC 108 provides analog signals to speaker 110. A PPE symmetrical secret key 112 is located in a tamper resistant container 113 which may be fused/laser etched. Additionally, a PPE symmetrical key 114′ is associated with a protected store 114 within the PPE 104 which contains a target TDRM private key 116 associated with the DRM engine 100 and a target private key TPPE 118 associated with the PPE 104.

The unprotected storage 120 stores a voucher 122, for example as illustrated in FIG. 11, and encrypted content 124, for example as illustrated in FIG. 12.

With reference to FIG. 11, the DRM voucher 122 includes business rules, content identifications and target device identifications in the same manner as discussed above with respect to FIG. 7. The business rules, content identifications and target device identifications are encrypted with a TDRM public key 123. The target TDRM public key 123 is the DRM engine public key and the target is the target device for the voucher. The content key 126 is used to unlock the content and is normally a symmetrical key. The content key 126 is encrypted with a target TPPE public key 128 which is the target PPE engine public key and the target device is the target device for the voucher.

The content 124 illustrated in FIG. 12 is encrypted with a content key 130 which is typically a symmetrical key.

The PPE may include additional hardware allowing bootstrapping in a secure manner and may include verification of signed code. The PPE has control of a memory management unit (not illustrated) to restrict access to certain areas of the memory during operation.

The CODEC 108 may be disposed outside the application specific integrated circuit (ASIC)/CPU and, furthermore, the output data from the CODEC may be taken from pins at the center of the integrated circuit, making physical access thereto difficult. Furthermore, the output lines may run through a center layer of a multi-layered printed circuit board to provide additional protection against unauthorized access. As a result of the location exterior to the ASIC, the CODEC 108 may be removed from the PPE to permit change during the lifetime of the device.

The PPE 104 includes its own tamper-proof key 112 and includes a secure area for using the protected key, making it a secure platform. As a result, the DRM engine 100 functions as a remote control of the DRM agent 106 in the PPE for reproduction of the content 124. This architecture has the advantage that the content 124 is only unprotected inside of the PPE 102, which strongly guards against theft. Therefore, even if the DRM engine 100 is unintentionally or maliciously compromised, all that can be accomplished is to play the content against the business rules within the voucher 122. Moreover, if a DRM engine attack is successful on one terminal, it does not break all of the terminals.

The operation of the terminal 19 in FIG. 10 to play back the content 124 is as follows. The first step 140 is when the private keys 116 and 118 in the protected store 114 are respectively used to initialize the DRM engine 100, which is unprotected except for its own tamper proof schemes, and the DRM agent 106 in the PPE 104. The play message step 142 occurs when the user activates the application player reader 144 to play DRM protected content, such as music. The play message 142 is sent to the DRM engine 100. The voucher 122 is loaded at step 146 into the DRM engine 100 for the content 124 in the unprotected storage 120 which is to be reproduced. The DRM engine 100 next, at step 148, decrypts the business rules within the voucher 122 to determine if the requested usage is permitted. The DRM engine 100 does not and cannot decrypt the content as it is protected by the TPPE public key (not illustrated), which is contained in the DRM agent 106. Assuming that the business rules are verified by the DRM engine processing 148, at step 150 the DRM agent 106 in the PPE is signalled so that it is considered by the DRM agent to be authorized to play the content 124, which may be music, video, etc. At step 152, the DRM agent 106 in the PPE obtains the voucher 122 from the unprotected storage 120 and decrypts the content key therein using the TPPE private key 118. The DRM agent 106 then opens the content file in the unprotected storage. At step 154, the content stream is decrypted using the content key 126. Finally, at step 156, the decrypted content is processed by CODEC 108 where it is converted to analog and transmitted to the external reproduction device, such as a speaker 110 when the content is audio.
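The two-envelope voucher of FIG. 11 and playback steps 140 to 154, as an added Go example that is not the patent's code: the engine holds only the TDRM private key, so it can open the business rules but fails on the content key envelope, while the agent unwraps the content key and decrypts the stream only after the engine's play signal. RSA-2048 OAEP for the envelopes, AES-GCM for content 124 and the comma-separated rules format are assumptions of the example, as are the names DRMEngine, DRMAgent and IssueVoucher.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"strings"
)

// Voucher models FIG. 11: rules sealed to TDRM public key 123, content key 126
// sealed to TPPE public key 128 (RSA-OAEP is an assumption of this example).
type Voucher struct {
	SealedRules      []byte // constructed format: comma-separated actions, e.g. "play,preview"
	SealedContentKey []byte // symmetric content key 126
}

// DRMEngine is the unprotected part 100 (holds only TDRM private key 116);
// DRMAgent sits inside the PPE 104 (holds only TPPE private key 118).
type DRMEngine struct{ tdrm *rsa.PrivateKey }
type DRMAgent struct{ tppe *rsa.PrivateKey }

// NewTerminal models initialization step 140 with two independent key pairs.
func NewTerminal() (*DRMEngine, *DRMAgent, error) {
	tdrm, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tppe, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	return &DRMEngine{tdrm: tdrm}, &DRMAgent{tppe: tppe}, nil
}

func (e *DRMEngine) PublicKey() *rsa.PublicKey { return &e.tdrm.PublicKey }
func (a *DRMAgent) PublicKey() *rsa.PublicKey  { return &a.tppe.PublicKey }

// IssueVoucher is the licensor side: each part is sealed to the key of the one component that needs it.
func IssueVoucher(rules string, key []byte, tdrm, tppe *rsa.PublicKey) (*Voucher, error) {
	sr, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, tdrm, []byte(rules), nil)
	if err != nil {
		return nil, err
	}
	sk, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, tppe, key, nil)
	if err != nil {
		return nil, err
	}
	return &Voucher{SealedRules: sr, SealedContentKey: sk}, nil
}

// CheckRules is step 148: the engine opens the rules and decides whether the action is permitted.
func (e *DRMEngine) CheckRules(v *Voucher, action string) (bool, error) {
	rules, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, e.tdrm, v.SealedRules, nil)
	if err != nil {
		return false, err
	}
	for _, a := range strings.Split(string(rules), ",") {
		if a == action {
			return true, nil
		}
	}
	return false, nil
}

// ContentKey is what a compromised engine could attempt: OAEP unpadding under the
// wrong private key fails, so the content key never leaves the TPPE envelope.
func (e *DRMEngine) ContentKey(v *Voucher) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, e.tdrm, v.SealedContentKey, nil)
}

// Play is steps 150-154. The engine's signal is a bare boolean, which is why a
// compromised engine can at most play against the rules: unwrapping the key and
// decrypting the stream still happen only inside the PPE.
func (a *DRMAgent) Play(v *Voucher, engineOK bool, sealed []byte) ([]byte, error) {
	if !engineOK {
		return nil, errors.New("no play signal from DRM engine")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, a.tppe, v.SealedContentKey, nil)
	if err != nil {
		return nil, err
	}
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < g.NonceSize() {
		return nil, errors.New("content too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], nil)
}

// gcm is the symmetric scheme assumed for content 124 (FIG. 12): AES-GCM with
// the nonce prefixed to the ciphertext.
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
```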

The terminal of FIG. 10 has significant attributes. The content 124 is never in plain digital form outside the PPE 104. The DRM agent 106 in the PPE 104 functions as a decrypting system and contains much less software than would placing the entire DRM engine 100 within the PPE. Unauthorized entry into the PPE is very difficult to accomplish. Finally, unauthorized entry into the DRM engine 100 is difficult and, at worst, allows multiple playing on a given device, but does not compromise the entire system.
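The division of trust in the FIG. 10 flow (steps 140 to 156) can be made concrete with the following Python model. It is an added example, not code from the patent or from any implementation of it. The class and function names are this example's own; the TPPE private key 118 is modelled as a symmetric device secret held only by the PPE object, the engine's key 116 as a symmetric key held only by the engine object, and an HMAC-SHA256 counter-mode keystream stands in for a real cipher. The demo runs the flow on constructed keys and content and checks the properties the description relies on: the engine enforces the business rules and rejects a tampered voucher, the PPE plays only after the step 150 signal, and nothing the engine holds suffices to unwrap the content key.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher constructed for this example (stands in for a real
    cipher): XOR data with HMAC-SHA256(key, nonce || counter) blocks."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


@dataclass(frozen=True)
class Voucher:
    """Voucher 122: business rules sealed to the engine's key 116, content key
    126 wrapped to the PPE's key 118. Each part is opaque to the other party."""
    nonce: bytes
    sealed_rules: bytes   # rules encrypted under the engine key (encrypt-then-MAC)
    rules_tag: bytes
    wrapped_key: bytes    # content key encrypted under the PPE key


def make_voucher(engine_key: bytes, ppe_key: bytes, content_key: bytes, rules: dict) -> Voucher:
    nonce = secrets.token_bytes(16)
    sealed = keystream_xor(engine_key, b"rules" + nonce, json.dumps(rules, sort_keys=True).encode())
    wrapped = keystream_xor(ppe_key, b"wrap" + nonce, content_key)
    return Voucher(nonce, sealed, mac(engine_key, nonce, sealed), wrapped)


class PpeAgent:
    """DRM agent 106 inside the PPE 104: holds key 118 and never exports it or
    the content key; only decrypted samples leave, bound for the CODEC."""

    def __init__(self, ppe_key: bytes):
        self._ppe_key = ppe_key
        self._authorized = False

    def authorize(self) -> None:          # step 150: signal from the DRM engine
        self._authorized = True

    def render(self, voucher: Voucher, stream_nonce: bytes, ciphertext: bytes) -> bytes:
        if not self._authorized:
            raise PermissionError("play request not authorized by DRM engine")
        self._authorized = False          # one play per signal
        content_key = keystream_xor(self._ppe_key, b"wrap" + voucher.nonce, voucher.wrapped_key)  # step 152
        return keystream_xor(content_key, stream_nonce, ciphertext)                                 # steps 154-156


class DrmEngine:
    """DRM engine 100 outside the PPE: holds key 116 only, so it can read and
    check the business rules (step 148) but cannot unwrap the content key."""

    def __init__(self, engine_key: bytes, agent: PpeAgent):
        self._engine_key = engine_key
        self._agent = agent

    def play(self, voucher: Voucher, stream_nonce: bytes, ciphertext: bytes, usage: str) -> bytes:
        expected = mac(self._engine_key, voucher.nonce, voucher.sealed_rules)
        if not hmac.compare_digest(voucher.rules_tag, expected):
            raise ValueError("voucher rules tampered")
        rules = json.loads(keystream_xor(self._engine_key, b"rules" + voucher.nonce, voucher.sealed_rules))
        if usage not in rules["allowed"]:
            raise PermissionError(f"usage {usage!r} not permitted by voucher")
        self._agent.authorize()
        return self._agent.render(voucher, stream_nonce, ciphertext)


def demo() -> dict:
    """Runs the FIG. 10 flow on constructed keys/content and reports the outcomes."""
    engine_key, ppe_key, content_key = (secrets.token_bytes(32) for _ in range(3))
    content = b"constructed sample audio frames"
    stream_nonce = secrets.token_bytes(16)
    ciphertext = keystream_xor(content_key, stream_nonce, content)
    voucher = make_voucher(engine_key, ppe_key, content_key, {"allowed": ["play"]})
    agent = PpeAgent(ppe_key)
    engine = DrmEngine(engine_key, agent)

    results = {"play_ok": engine.play(voucher, stream_nonce, ciphertext, "play") == content}
    try:                                                  # usage outside the rules
        engine.play(voucher, stream_nonce, ciphertext, "copy")
        results["copy_blocked"] = False
    except PermissionError:
        results["copy_blocked"] = True
    bad = Voucher(voucher.nonce, bytes([voucher.sealed_rules[0] ^ 1]) + voucher.sealed_rules[1:],
                  voucher.rules_tag, voucher.wrapped_key)
    try:                                                  # edited rules: engine refuses before step 150
        engine.play(bad, stream_nonce, ciphertext, "play")
        results["tamper_detected"] = False
    except ValueError:
        results["tamper_detected"] = True
    try:                                                  # PPE ignores a request with no step 150 signal
        agent.render(voucher, stream_nonce, ciphertext)
        results["ppe_needs_signal"] = False
    except PermissionError:
        results["ppe_needs_signal"] = True
    # Everything the engine holds does not unwrap the content key.
    guess = keystream_xor(engine_key, b"wrap" + voucher.nonce, voucher.wrapped_key)
    results["key_hidden_from_engine"] = guess != content_key
    return results


if __name__ == "__main__":
    print(demo())
```

The model keeps the property the description stresses: a compromised engine can at most issue the step 150 signal, that is, play against the voucher's rules on this device, because the wrapped content key is useless without key 118, which only the PPE object ever sees. Real terminals replace the toy keystream with a standard cipher and keep key 118 in hardware; the structure of the split is what the example shows.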

It will be appreciated by those skilled in the art that the functionality of the rendering machine set out above may be provided through software, hardware or any combination thereof.

While the present invention has been described in terms of its preferred embodiments, it should be understood that numerous modifications may be made thereto without departing from the scope of the present invention. It is intended that all such modifications fall within the scope of the appended claims.

1-34. (canceled)

35. A method for creating a license which facilitates decryption of content on a terminal, the method comprising: appending a set of binding attributes to a content decryption key wherein the binding attributes include attributes obtained from a trusted storage.

36. A method as claimed in claim 35 wherein: the binding attributes from the trusted storage comprise a public key certificate of a licensee with a corresponding private key being held on another terminal.

37. A method as claimed in claim 36, comprising encrypting at least the content decryption key.

38. A method as claimed in claim 37, comprising: distributing to the terminal a decryption key for decrypting the encrypted content decryption key.

39. A method as claimed in claim 36, wherein: a plurality of binding attributes each having a respective public key certificate of a licensee are appended to the content decryption key.

40. A method as claimed in claim 37, wherein: a plurality of binding attributes each having a respective public key certificate of a licensee are appended to the content decryption key.

41. A method as claimed in claim 38, wherein: a plurality of binding attributes each having a respective public key certificate of a licensee are appended to the content decryption key.

42. A computer-readable medium storing a computer program comprising: executable code which is executed when loaded on a computer, to perform the method according to claim 36.

43. A computer-readable medium storing a computer program comprising: executable code which is executed when loaded on a computer, to perform the method according to claim 37.

44. A computer-readable medium storing a computer program comprising: executable code which is executed when loaded on a computer, to perform the method according to claim 38.

45. A computer-readable medium storing a computer program comprising: executable code which is executed when loaded on a computer, to perform the method according to claim 39.

46. A computer-readable medium storing a computer program comprising: executable code which is executed when loaded on a computer, to perform the method according to claim 40.

47. A computer-readable medium storing a computer program comprising: executable code which is executed when loaded on a computer, to perform the method according to claim 41.

48-53. (canceled)

54. A method of distributing encrypted content to a rendering machine comprising: delivering encrypted content and a license relating thereto to a rendering machine, the license containing binding attributes corresponding to a user identity; and requesting authentication of the attributes by a personal trusted device.

55. A method as claimed in claim 54, comprising: storing securely a license decryption key on the rendering machine.

56. A method as claimed in claim 55, wherein: the license decryption key is in a protected processing environment and is a private key with a corresponding public key being used to encrypt the license.

57. A method as claimed in claim 54, wherein: the binding attributes comprise a public key certificate of a user.

58. A method as claimed in claim 55, wherein: the binding attributes comprise a public key certificate of a user.

59. A method as claimed in claim 56, wherein: the binding attributes comprise a public key certificate of a user.

60. A method as claimed in claim 52, wherein: the request for authentication of the attributes comprises a request to provide digitally signed data.

61. A method as claimed in claim 58, wherein: the request for authentication of the attributes comprises a request to provide digitally signed data.

62. A method as claimed in claim 59, wherein: the request for authentication of the attributes comprises a request to provide digitally signed data.

63. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 54.

64. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 55.

65. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 56.

66. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 57.

67. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates in accordance with the code to carry out the method according to claim 58.

68. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 59.

69. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 60.

70. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 61.

71. A computer-readable medium storing a computer program comprising: executable code which executes when loaded on a computer, wherein the computer operates to carry out the method according to claim 62.

72-83. (canceled)